return (0);
}
-/* --- @dosequence@ --- *
- *
- * Arguments: @keyset *ks@ = pointer to a keyset
- * @uint32 seq@ = a sequence number from a packet
- *
- * Returns: Zero if the sequence number is OK, nonzero if it's not.
- *
- * Use: Checks a sequence number. The data in the keyset which keeps
- * track of valid sequence numbers is updated if the sequence
- * number given is good. It's assumed that the sequence number
- * has already been checked for authenticity.
- */
-
-static int dosequence(keyset *ks, uint32 seq)
-{
- switch (seq_check(&ks->iseq, seq)) {
- case SEQ_OK: break;
- case SEQ_OLD: a_warn("SYMM replay old-sequence"); return (-1);
- case SEQ_REPLAY: a_warn("SYMM replay duplicated-sequence"); return (-1);
- default: abort();
- }
- return (0);
-}
-
/*----- Operations on a single keyset -------------------------------------*/
/* --- @ks_drop@ --- *
if (!KEYOK(ks, now) ||
buf_ensure(bb, BLEN(b)) ||
dodecrypt(ks, ty, b, bb, &seq) ||
- dosequence(ks, seq))
+ seq_check(&ks->iseq, seq, "SYMM"))
return (-1);
return (0);
}
ks->seq); )
ks->f &= ~KSF_LISTEN;
}
- return (dosequence(ks, seq));
+ return (seq_check(&ks->iseq, seq, "SYMM"));
}
}
T( trace(T_KEYSET, "keyset: no matching keys, or incorrect MAC"); )